libkdcraw (SL7)

Synopsis: Moderate: libkdcraw security update Advisory ID: SLSA-2018:3065-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5805 CVE-2018-5806 — * LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp (CVE-2018-5805) * LibRaw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp … Read More

389-ds-base (SL7)

Synopsis: Moderate: 389-ds-base security, bug fix, and Advisory ID: SLSA-2018:3127-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-10935 CVE-2018-14648 — Security Fix(es): * 389-ds-base: Mishandled search requests in servers/slapd/search.c:do_search() allows for denial of service (CVE-2018-14648) — SL7 x86_64 389-ds-base-1.3.8.4-15.el7.x86_64.rpm 389-ds-base-debuginfo-1.3.8.4-15.el7.x86_64.rpm 389-ds-base-devel-1.3.8.4-15.el7.x86_64.rpm 389-ds-base-libs-1.3.8.4-15.el7.x86_64.rpm … Read More

samba (SL7)

Synopsis: Moderate: samba security, bug fix, and enhancement update Advisory ID: SLSA-2018:3056-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-1050 CVE-2018-1139 CVE-2018-10858 — Security Fix(es): * samba: Weak authentication protocol regression (CVE-2018-1139) * samba: Insufficient input validation in libsmbclient (CVE-2018-10858) * samba: … Read More

curl and nss-pem (SL7)

Synopsis: Moderate: curl and nss-pem security and bug fix update Advisory ID: SLSA-2018:3157-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-1000007 CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 CVE-2018-1000301 — Security Fix(es): * curl: HTTP authentication leak in redirects (CVE-2018-1000007) * curl: FTP path trickery leads … Read More

setup (SL7)

Synopsis: Low: setup security and bug fix update Advisory ID: SLSA-2018:3249-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-1113 — Security Fix(es): * setup: nologin listed in /etc/shells violates security expectations (CVE-2018-1113) — SL7 noarch setup-2.8.71-10.el7.noarch.rpm – Scientific Linux Development Team

binutils (SL7)

Synopsis: Low: binutils security, bug fix, and enhancement update Advisory ID: SLSA-2018:3032-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-7208 CVE-2018-7568 CVE-2018-7569 CVE-2018-7642 CVE-2018-7643 CVE-2018-8945 CVE-2018-10372 CVE-2018-10373 CVE-2018-10534 CVE-2018-10535 CVE-2018-13033 — Security Fix(es): * binutils: Improper bounds check in coffgen.c:coff_pointerize_aux() allows for … Read More

python (SL7)

Synopsis: Moderate: python security and bug fix update Advisory ID: SLSA-2018:3041-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-1060 CVE-2018-1061 — Security Fix(es): * python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) * python: DOS via regular expression … Read More

sssd (SL7)

Synopsis: Low: sssd security, bug fix, and enhancement update Advisory ID: SLSA-2018:3158-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-10852 — Security Fix(es): * sssd: information leak from the sssd-sudo responder (CVE-2018-10852) — SL7 x86_64 libipa_hbac-1.16.2-13.el7.i686.rpm libipa_hbac-1.16.2-13.el7.x86_64.rpm libsss_autofs-1.16.2-13.el7.x86_64.rpm libsss_certmap-1.16.2-13.el7.i686.rpm libsss_certmap-1.16.2-13.el7.x86_64.rpm libsss_idmap-1.16.2-13.el7.i686.rpm libsss_idmap-1.16.2-13.el7.x86_64.rpm … Read More

gnutls (SL7)

Synopsis: Moderate: gnutls security, bug fix, and enhancement Advisory ID: SLSA-2018:3050-1 Issue Date: 2018-10-30 CVE Numbers: CVE-2018-10844 CVE-2018-10845 CVE-2018-10846 — Security Fix(es): * gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844) * gnutls: … Read More

git (SL7)

Synopsis: Important: git security update Advisory ID: SLSA-2018:3408-1 Issue Date: 2018-10-31 CVE Numbers: CVE-2018-17456 — Security Fix(es): * git: arbitrary code execution via .gitmodules (CVE-2018-17456) — SL7 x86_64 git-1.8.3.1-20.el7.x86_64.rpm git-daemon-1.8.3.1-20.el7.x86_64.rpm git-debuginfo-1.8.3.1-20.el7.x86_64.rpm git-gnome-keyring-1.8.3.1-20.el7.x86_64.rpm git-svn-1.8.3.1-20.el7.x86_64.rpm git-1.8.3.1-20.el7.src.rpm noarch emacs-git-1.8.3.1-20.el7.noarch.rpm emacs-git-el-1.8.3.1-20.el7.noarch.rpm git-all-1.8.3.1-20.el7.noarch.rpm git-bzr-1.8.3.1-20.el7.noarch.rpm git-cvs-1.8.3.1-20.el7.noarch.rpm … Read More